xapitoken.php File Reference

Go to the source code of this file.

Functions
catch(ilCmiXapiException $e)	send ($response)

Variables
	$tokenRestriction = true
	see: https://github.com/AICC/CMI-5_Spec_Current/blob/quartz/cmi5_spec.md#fetch_url response should always be a valid json object check oneway fetching is optional: More...
	$origParam = $_GET['param']
if(!isset($origParam)||!strlen($origParam))	try
	$param
	$_COOKIE [session_name()] = $param[session_name()]
	$_COOKIE ['ilClientId'] = $param['ilClientId']
	$objId = $param['obj_id']
	$refId = $param['ref_id']
	$DIC = $GLOBALS['DIC']
	$token = ilCmiXapiAuthToken::getInstanceByObjIdAndRefIdAndUsrId($objId, $refId, $DIC->user()->getId())
if($object->getContentType()==ilObjCmiXapi::CONT_TYPE_CMI5) if($object->isBypassProxyEnabled())	else
	$response = array("auth-token" => $authToken)

Function Documentation

send()

catch (ilCmiXapiException $e) send

(

$response

)

Definition at line 100 of file xapitoken.php.

References $_SERVER, $response, exit, and ILIAS\UI\examples\Symbol\Glyph\Header\header().

Referenced by nusoap_client\call(), ilPersonalProfileGUI\changeEmail(), ilBookingProcessWithScheduleGUI\checkAvailability(), ilCronDeleteInactiveUserReminderMailNotification\initLanguage(), soap_transport_http\sendHTTPS(), ilTermDefinitionBulkCreationGUI\showCreationForm(), ilBookBulkCreationGUI\showCreationForm(), and ilExerciseSubmissionFeedbackGUI\showFeedbackForm().

                        : void
{
    if (isset($_SERVER["HTTP_ORIGIN"]) && $_SERVER["HTTP_ORIGIN"] != "") {
        header('Access-Control-Allow-Origin: ' . $_SERVER["HTTP_ORIGIN"]);
    }
    header('Access-Control-Allow-Credentials: true');
    header('Content-type:application/json;charset=utf-8');
    echo json_encode($response);
    exit;
}

Here is the call graph for this function:

Here is the caller graph for this function:

Variable Documentation

$_COOKIE [1/2]

$_COOKIE[session_name()] = $param[session_name()]

Definition at line 54 of file xapitoken.php.

Referenced by ilTinyMCE\addCustomRTESupport(), ilTinyMCE\addRTESupport(), ilInitialisation\applyPluginManipulationsToUiFramework(), ilTestInfoScreenToolbarGUI\buildSessionLockString(), ilContainerGUI\cloneAllObject(), ilObjectCopyGUI\copyContainer(), ilInitialisation\determineClient(), ilDclContentExporter\exportAsync(), ilDelegatingHandler\handle(), ilSoapUserAdministration\login(), ilCalendarRemoteAccessHandler\parseRequest(), ilStartUpGUI\processIndexPHP(), ILIAS\UI\Implementation\Component\Layout\Page\Renderer\renderStandardPage(), ilInitialisation\resumeUserSession(), ilPlainTextHandler\tables(), and ilLoggingErrorFileStorage\tables().

$_COOKIE [2/2]

$_COOKIE[ 'ilClientId'] = $param['ilClientId']

Definition at line 56 of file xapitoken.php.

$DIC

$DIC = $GLOBALS['DIC']

Definition at line 62 of file xapitoken.php.

$objId

$objId = $param['obj_id']

Definition at line 57 of file xapitoken.php.

Referenced by ilObjectCustomUserFieldsPlaceholderValues\__construct(), ilUserDefinedFieldsPlaceholderValues\__construct(), ilDefaultPlaceholderValues\__construct(), ilDclDetailedViewGUI\__construct(), ILIAS\Exercise\Certificate\ExercisePlaceholderValues\__construct(), ilObjCourseReferenceAccess\_preloadData(), ilObjChatroom\cloneObject(), ilCertificateTemplateDatabaseRepository\deleteTemplate(), ilCmiXapiDelModel\deleteXapiObjectEntry(), ilObjCourseGUI\deliverCertificateObject(), ILIAS\Certificate\API\Filter\UserDataFilter\ensureValidUniqueObjIds(), ilCmiXapiContentUploadImporter\generateActivityId(), ilCourseMailTemplateMemberContext\getCachedPeriodByObjId(), ilCourseMailTemplateTutorContext\getCachedPeriodByObjId(), ilLPStatusCmiXapiAbstract\getCmixUserResult(), ilCertificateCron\getDefaultScheduleValue(), XapiProxy\XapiProxyPolyFill\getLrsType(), ilLPStatusLtiOutcome\getLtiUserResult(), ilPDSelectedItemsBlockMembershipsProvider\getObjectsByMembership(), ilUserCertificatePresentation\getObjId(), ilCertificateQueueEntry\getObjId(), ilObjectCustomIcon\getObjId(), ilUserCertificate\getObjId(), ilLTIConsumerPlaceholderValues\getPlaceholderValuesForPreview(), ilForumDraftsDerivedTaskProvider\getTasks(), ilLPStatusTestPassed\getUserIdsByResultArrayStatus(), ILIAS\Course\Certificate\CoursePlaceholderValues\hasCompletionDate(), ilCmiXapiAuthToken\insertToken(), ilEmployeeTalkMyStaffBaseGUI\loadActionBar(), ilCmiXapiAppEventListener\onServiceObjectDeleteOrToTrash(), ilContentPageDataSet\readData(), ilCmiXapiDelCron\run(), ilXapiResultsCronjob\run(), ilCertificateTemplateDatabaseRepository\save(), ilObjCmiXapiVerificationGUI\save(), ilObjLTIConsumerVerificationGUI\save(), ilUserCertificateRepository\save(), ilCmiXapiDelModel\setXapiObjAsDeleted(), ilObjChatroomAccessTest\testAccessChecksFail(), ilObjChatroomAccessTest\testAccessChecksSucceed(), ilTestObjectiveOrientedContainerTest\testObjId(), ilSCORMItemGUI\view(), and ilSCORMPresentationGUI\view().

$origParam

$origParam = $_GET['param']

Definition at line 36 of file xapitoken.php.

$param

$param

Initial value:

= json_decode(openssl_decrypt(
        $param,
        ilCmiXapiAuthToken::OPENSSL_ENCRYPTION_METHOD,
        ilCmiXapiAuthToken::getWacSalt(),
        0,
        ilCmiXapiAuthToken::OPENSSL_IV
    ), true)

Definition at line 46 of file xapitoken.php.

Referenced by ilHistory\_createEntry(), ILIAS\components\ResourceStorage\Container\View\ActionBuilder\appendNamespaceToURIBuilder(), ILIAS\UI\examples\ViewControl\Mode\base(), ILIAS\UI\examples\ViewControl\Section\base(), ILIAS\GlobalScreen\Scope\Layout\Factory\AbstractLayoutModification\checkClosure(), ILIAS\Style\Content\CharacteristicManager\copyCharacteristicFromSource(), ilErrorHandling\devmodeHandler(), ilWebResourceEditableLinkTableGUI\fillRow(), ilCmiXapiLaunchGUI\getAuthTokenFetchLink(), ilObjQuestionPoolListGUI\getCommandLink(), ilObjTestListGUI\getCommandLink(), ilObjLTIConsumer\getCustomParamsArray(), LSUrlBuilder\getHref(), ilForumXMLParser\getIdAndAliasArray(), ilMailFolderGUI\getMailIdsFromRequest(), ILIAS\Data\URI\getParameter(), ilObjLTIConsumer\getProviderCustomParamsArray(), ILIAS\Test\Scoring\Marks\MarkSchemaGUI\getTableActionQueryString(), LSUrlBuilder\getURL(), ilWACPath\handleParameters(), ilWebLinkXmlParser\handlerBeginTag(), ilObjLinkResourceGUI\initFormLink(), ilStartUpGUI\initStartUpTemplate(), ilPCSection\insertTimings(), nusoap_server\invoke_method(), ilPortfolioPageGUI\makePlaceHoldersClickable(), ilPCPlaceHolder\modifyPageContentPostXsl(), ilPCLearningHistory\modifyPageContentPostXsl(), ilPCMap\modifyPageContentPostXsl(), ilPCContentInclude\modifyPageContentPostXsl(), ilPCPlugged\modifyPageContentPostXsl(), ILIAS\Notes\NotificationsManager\notifyObserver(), ilICalParser\parseLine(), ilVirusScannerICapRemote\parseResponse(), ilLSPlayer\play(), ilLanguageFile\read(), ilInitialisation\redirect(), ilICalParser\storeItems(), ilWebResourceParameterTest\testAppendToLink(), ilWebResourceParameterTest\testAppendToLinkException(), ilWebResourceParameterTest\testGetInfo(), ilWebResourceParameterTest\testGetInfoException(), ilWebResourceParameterTest\testToXML(), ilObjLinkResourceGUI\updateLinks(), ilLSPlayer\updateViewState(), and ilICalParser\writeEvent().

$refId

$refId = $param['ref_id']

Definition at line 58 of file xapitoken.php.

Referenced by ilSoapRepositoryStructureObject\__construct(), ilObjEmployeeTalkSeriesGUI\__construct(), ilObjEmployeeTalkGUI\__construct(), ilObjContentPageGUI\_goto(), ilObjTalkTemplateGUI\addAdminLocatorItems(), ILIAS\Certificate\API\Data\UserCertificateDto\addRefId(), ILIAS\Certificate\Overview\CertificateOverviewTable\buildTableRows(), ilObjLTIConsumerGUI\checkContentSelection(), ilObjEmployeeTalkGUI\confirmedDeleteObject(), ilMailTest\create(), ilForumNotificationDataProvider\createRecipientArray(), ILIAS\Course\Certificate\CertificateCourseLearningProgressEvaluation\evaluate(), ilObjSAHSLearningModuleGUI\executeCommand(), ilObjChatroomGUI\executeCommand(), ilObjEmployeeTalkGUI\getAdminTabs(), ilCmiXapiAuthToken\getCmi5SessionByUsrIdAndObjIdAndRefId(), ilTestRandomQuestionSetConfig\getCommaSeparatedSourceQuestionPoolLinks(), ilBlogDraftsDerivedTaskProvider\getFirstRefIdWithPermission(), ilForumDraftsDerivedTaskProvider\getFirstRefIdWithPermission(), ilPDSelectedItemsBlockMembershipsProvider\getObjectsByMembership(), ilEmployeeTalkAppointmentGUI\getPendingTalksInSeries(), ilForumDraftsDerivedTaskProvider\getTasks(), ilBlogDraftsDerivedTaskProvider\getTasks(), ilObjEmployeeTalkSeriesGUI\getTemplateRefId(), ilCertificateAppEventListener\handleLPUpdate(), ilObjChatroomGUI\infoScreen(), ilCmiXapiAuthToken\insertToken(), ilDashboardBlockGUI\isRootNode(), ilUserCertificateGUI\listCertificates(), ilEmployeeTalkMyStaffBaseGUI\loadActionBar(), ilMailGroupAddressType\resolve(), ILIAS\Course\Certificate\CertificateSettingsCourseFormRepository\save(), ilObjLTIConsumerGUI\saveContentSelection(), ilHelpGUI\setCtrlPar(), ilObjSAHSLearningModuleGUI\setTabs(), ilObjSCORMTracking\storeJsApi(), ilObjChatroomAccessTest\testAccessChecksFail(), ilObjChatroomAccessTest\testAccessChecksSucceed(), ilForumNotificationTest\testCheckForumsExistsInsert(), ilMailTest\testGetMailObjectReferenceId(), ilTestObjectiveOrientedContainerTest\testRefId(), ilObjSAHSLearningModuleGUI\uploadObject(), ilObjEmployeeTalkGUI\validateCustom(), and ilSCORMItemGUI\view().

$response

$response = array("auth-token" => $authToken)

Definition at line 93 of file xapitoken.php.

Referenced by ilSessionReminderCheck\__construct(), ilCmiXapiStatementsDeleteRequest\__construct(), ilCmiXapiStatementsDeleteRequest\_lookUpDataCount(), ilNICKeyRegisteredObjective\achieve(), ilChatroomBanGUI\active(), ilObjChatroomGUI\afterImport(), ilObjChatroomGUI\afterSave(), ILIAS\UI\examples\Prompt\State\Show\base(), ILIAS\UI\examples\Prompt\State\Close\base(), ILIAS\UI\examples\Prompt\State\Redirect\base(), ILIAS\UI\examples\Prompt\Standard\base(), ilMathJaxServer\call(), ilCmiXapiLaunchGUI\CMI5preLaunch(), ilChatroomAbstractTaskTestBase\createSendResponseMock(), ilCmiXapiStatementsDeleteRequest\deleteData(), ilLTIConsumerResultService\deleteResult(), ILIAS\FileDelivery\FileDeliveryTypes\XSendfile\deliver(), ILIAS\FileDelivery\FileDeliveryTypes\PHPChunked\deliver(), ILIAS\FileDelivery\FileDeliveryTypes\XAccel\deliver(), ILIAS\FileDelivery\Delivery\deliver(), ILIAS\FileDelivery\Delivery\ResponseBuilder\PHPResponseBuilder\deliverPartial(), ilForumAutoSaveAsyncDraftAction\executeAndGetResponseObject(), ilOnScreenChatGUI\executeCommand(), ILIAS\MetaData\OERExposer\OAIPMH\Handler\AbstractCtrlAwareUploadHandler\executeCommand(), ilChatroomClearGUI\executeDefault(), ILIAS\UI\examples\Prompt\Standard\form(), assImagemapQuestionImport\fromXML(), assMultipleChoiceImport\fromXML(), assNumericImport\fromXML(), assSingleChoiceImport\fromXML(), assTextSubsetImport\fromXML(), assKprimChoiceImport\fromXML(), assOrderingQuestionImport\fromXML(), assTextQuestionImport\fromXML(), assMatchingQuestionImport\fromXML(), assClozeTestImport\fromXML(), ilObjFilePreviewRendererGUI\getAsyncModal(), ilLTIConsumerAdministrationGUI\getInput(), ilChatroomAuthInputGUI\getRandomValues(), ilOpenIdConnectSettings\getSupportedScopesFromUrl(), ilWebAccessCheckerDelivery\handleAccessErrors(), ilWebAccessCheckerDelivery\handleNotFoundError(), ILIAS\components\WOPI\Handler\RequestHandler\handleRequest(), ilWebAccessChecker\initILIAS(), ilChatroomInviteUsersToPrivateRoomGUI\inviteById(), ilChatroomServerConnector\isServerAlive(), ilChatroomGUIHandler\isSuccessful(), ilLTIConsumerContentGUI\launch(), ilChatroomViewGUI\lostConnection(), ilChatroomKickGUI\main(), ilVirusScannerICapRemote\options(), ilObjFooterUIHandling\outAsync(), ILIAS\UI\examples\Prompt\Standard\parameters(), ilVirusScannerICapRemote\parseResponse(), ILIAS\StaticURL\Handler\HandlerService\performRedirect(), ilObjLearningSequenceLearnerGUI\play(), ILIAS\FileDelivery\FileDeliveryTypes\XAccel\prepare(), ilCmiXapiStatementsDeleteRequest\queryBatch(), ilLTIConsumerResultService\readResult(), ilCtrl\redirectToURL(), ilLearningHistoryGUI\renderAsync(), ilLTIConsumerResultService\replaceResult(), ILIAS\COPage\Editor\Server\Server\reply(), ilVirusScannerICapRemote\reqMod(), ilVirusScannerICapRemote\respMod(), ilLTIConsumerResultService\respondUnknown(), ilLTIConsumerResultService\respondUnsupported(), ILIAS\LegalDocuments\Consumer\DownloadMultipleConsumer\run(), ilLegalDocumentsAdministrationGUI\searchUser(), ilVirusScannerICapRemote\send(), send(), ILIAS\FileDelivery\Delivery\sendEtagHeader(), ilWebAccessChecker\sendHeader(), ilChatroomGUIHandler\sendJSONResponse(), ILIAS\FileDelivery\Delivery\sendLastModified(), ILIAS\MetaData\OERExposer\OAIPMH\HTTP\Wrapper\sendResponseAndClose(), ILIAS\MetaData\OERExposer\OAIPMH\Handler\sendResponseToRequest(), ILIAS\Saml\Module\sendXMLString(), ILIAS\FileDelivery\Delivery\setCachingHeaders(), ilUtil\setCookie(), ILIAS\FileDelivery\Delivery\setDispositionHeaders(), ILIAS\FileDelivery\Delivery\setGeneralHeaders(), ilLTIConsumerContentGUI\showEmbedded(), ilChatroomViewGUI\showRoom(), ilWACTokenTest\testCookieGeneration(), ILIAS\Tests\FileDelivery\FileDeliveryTypes\XAccelTest\testDeliverWithDataPathWhichShouldSucceed(), ILIAS\Tests\FileDelivery\FileDeliveryTypes\XAccelTest\testDeliverWithNormalPathWhichShouldSucceed(), ILIAS\Tests\FileDelivery\FileDeliveryTypes\XAccelTest\testPrepareWhichShouldSucceed(), ILIAS\MetaData\Repository\Validation\Processor\PreProcessorManagerImplTest\testProcessValidFileWhichShouldSucceed(), ILIAS\Tests\FileDelivery\FileDeliveryTypes\XSendfileTest\testSendFileWithXSendHeaderWhichShouldSucceed(), ilBuddySystemGUI\transitionAsyncCommand(), ilResourceCollectionGUI\upload(), ilContainerResourceGUI\upload(), and ilOpenIdConnectSettings\validateScopes().

$token

$token = ilCmiXapiAuthToken::getInstanceByObjIdAndRefIdAndUsrId($objId, $refId, $DIC->user()->getId())

Definition at line 70 of file xapitoken.php.

Referenced by XapiProxy\XapiProxyPolyFill\__construct(), ILIAS\UI\URLBuilder\acquireParameter(), ILIAS\UI\URLBuilder\acquireParameters(), ILIAS\UI\examples\Prompt\Standard\base(), ilObjLTIConsumer\buildLaunchParameters(), ILIAS\FileDelivery\Services\buildTokenURL(), ILIAS\components\DataCollection\Fields\Formula\FormulaParser\Result\MathResultResolver\calculateFunctions(), ilWACSignedResourceStorage\canBeDelivered(), ilPersonalProfileGUI\changeEmail(), ilLTIConsumerResourceBase\checkTool(), ilObjLTIConsumerGUI\contentSelectionResponse(), ilCalendarSubscriptionGUI\createToken(), ilBiblFieldFilterGUI\delete(), ilWebAccessCheckerDelivery\deliver(), EvalMath\evaluate(), ilLTIConsumerGradeServiceScores\execute(), EvalMath\from_hexbin(), ilCtrlTokenRepository\generateToken(), ILIAS\LTIOAuth\OAuthSignatureMethod_HMAC_SHA1\get_name(), ILIAS\components\ResourceStorage\Container\View\ActionBuilder\getActions(), ilWebDAVLockObject\getAsSabreDavLock(), ilSessionMaxIdleIsSetObjective\getCurlConnection(), ilBiblFieldFilterGUI\getFieldFilterFromRequest(), ilLTIConsumerContentGUI\getLaunchParameters(), ilWACTokenTest\getModifiedSignedPath(), ILIAS\User\Profile\ChangeMailTokenDBRepository\getNewTokenForUser(), ilSessionMaxIdleIsSetObjective\getPHPIniValuesByFileGetContents(), ilSessionMaxIdleIsSetObjective\getPreconditions(), ilResourceCollectionGUI\getResourceIdsFromRequest(), ilContainerResourceGUI\getResourceIdsFromRequest(), ilLTIConsumerContentGUI\getStartButtonTxt11(), ilLTIConsumerContentGUI\getStartButtonTxt13(), ilCtrl\getTargetUrl(), ilCtrlTokenRepository\getToken(), ILIAS\User\Profile\ChangeMailToken\getToken(), ilWebDAVLockObject\getToken(), ILIAS\User\Profile\ChangeMailTokenDBRepository\getTokenForTokenString(), ILIAS\MetaData\OERExposer\OAIPMH\Responses\RequestProcessorTestCase\getTokenHandler(), ilCmiXapiLaunchGUI\getValidToken(), ILIAS\Test\Results\Presentation\AttemptResultsTable\getViewControls(), ILIAS\MetaData\OERExposer\OAIPMH\Responses\RequestProcessorTestCase\getWriter(), ilPersonalProfileGUI\goToEmailConfirmation(), ilLTIConsumerResultService\handleRequest(), ILIAS\components\DataCollection\Fields\Formula\FormulaParser\Result\MathResultResolver\hasDateFieldsInMathTokens(), ilObjFooterUIHandling\hasPermission(), ilECSParticipantSettingsGUI\initFormSettings(), ilCalendarRemoteAccessHandler\initTokenHandler(), ILIAS\components\DataCollection\Fields\Formula\FormulaParser\Token\Tokenizer\isMathToken(), ilCmiXapiLaunchGUI\launchCmd(), ILIAS\MetaData\OERExposer\OAIPMH\Responses\RequestProcessor\listRecordsOrIdentifiers(), ilMailLuceneQueryParser\parse(), ILIAS\components\DataCollection\Fields\Formula\FormulaParser\ExpressionParser\parse(), ilLangDeprecated\parseCodeFile(), ILIAS\components\DataCollection\Fields\Formula\FormulaParser\Result\MathResultResolver\parseMath(), EvalMath\pfx(), ILIAS\UI\URLBuilder\renderTokens(), ilDashboardPageLanguageSelectGUI\select(), sendAccessToken(), ActionTest\setUp(), ILIAS\components\DataCollection\Fields\Formula\FormulaParser\Substitution\FieldSubstitution\substituteFieldValues(), ILIAS\UI\URLBuilderTokenTest\testConstruct(), DataTest\testDataTableActions(), DataRendererTest\testDataTableGetActionRegistration(), DataRendererTest\testDataTableMultiActionsDropdown(), DataRendererTest\testDataTableRenderHeaderWithActions(), DataRendererTest\testDataTableRowBuilder(), DataRendererTest\testDataTableSingleActionsDropdown(), ILIAS\User\Tests\ChangeMailTokenDBRepositoryTest\testGetTokenForTokenStringReturnsCorrectToken(), ILIAS\User\Tests\ChangeMailTokenDBRepositoryTest\testGetTokenForTokenStringReturnsNullOnExpiredToken(), ILIAS\User\Tests\ChangeMailTokenDBRepositoryTest\testGetTokenForTokenStringReturnsNullOnInvalidToken(), ActionFactoryTest\testImplementsInterfaces(), ILIAS\MetaData\OERExposer\OAIPMH\FlowControl\TokenHandlerTest\testIsTokenValidNonsenseAppended(), ILIAS\MetaData\OERExposer\OAIPMH\FlowControl\TokenHandlerTest\testTokenGenerateAndReadOutOnlyOffset(), ILIAS\MetaData\OERExposer\OAIPMH\FlowControl\TokenHandlerTest\testTokenGenerateAndReadOutWithBothDates(), ILIAS\MetaData\OERExposer\OAIPMH\FlowControl\TokenHandlerTest\testTokenGenerateAndReadOutWithFromDate(), ILIAS\MetaData\OERExposer\OAIPMH\FlowControl\TokenHandlerTest\testTokenGenerateAndReadOutWithUntilDate(), ILIAS\MetaData\OERExposer\OAIPMH\FlowControl\TokenHandlerTest\testTokenGenerateAndReadOutWithUntilDateInTheFuture(), ILIAS\UI\URLBuilderTokenTest\testTokenLength(), ILIAS\UI\URLBuilderTokenTest\testTokenName(), ilCtrlTokenTest\testTokenRetrieval(), ilCtrlTokenTest\testTokenVerification(), XapiProxy\XapiProxy\token(), ILIAS\components\DataCollection\Fields\Formula\FormulaParser\Token\Tokenizer\valuesToTokens(), and ilObjLTIConsumer\verifyToken().

$tokenRestriction

$tokenRestriction = true

see: https://github.com/AICC/CMI-5_Spec_Current/blob/quartz/cmi5_spec.md#fetch_url response should always be a valid json object check oneway fetching is optional:

The AU SHOULD NOT attempt to retrieve the authorization token more than once. The fetch URL is a "one-time use" URL and subsequent uses SHOULD generate an error (see Section 8.2.3).

On reloading the initial content page it will send the exact url twice, should we really restrict this behavior? If there are issues on page reload it might be useful to set $tokenRestriction = false .

Definition at line 34 of file xapitoken.php.

else

if ( $object->getContentType()==ilObjCmiXapi::CONT_TYPE_CMI5) if ( $object->isBypassProxyEnabled()) else

Initial value:

{
        $authToken = base64_encode(CLIENT_ID . ':' . $token->getToken())

Definition at line 88 of file xapitoken.php.

try

catch (ilCmiXapiException $e) try

Initial value:

{
    $param = base64_decode(rawurldecode($origParam))

Definition at line 43 of file xapitoken.php.